Skip to content

Dear Internet Explorer user: Your browser is no longer supported

Please switch to a modern browser such as Microsoft Edge, Mozilla Firefox or Google Chrome to view this website's content.

Use PHP to ensure a page can only be accessed via a specific URL

Use this handy PHP script to redirect visitors who access a web page via an external link or by typing the URL directly into their browser.

A situation recently arose where I wanted to redirect all traffic that accessed a certain URL (either directly or via an external site)  unless that traffic arrived via a hyperlink on my website.

The following PHP script will perform the following functions:

  1. Check the HTTP referrer to see whether the visitor has come from a page on an approved website (host)
  2. If the visitor has come from an approved website, display the page content
  3. If the referrer page is unapproved, redirect to another defined page
  4. If a direct call is made for the page, redirect to another defined page as if the page was accessed from an external link.

This simple script is ideal for ‘presentation’ purposes but should not be used where security is an important concern as referrer data can be spoofed.

The following code should be added at the very top of a PHP file, even before the <!DOCTYPE>:

<?php
$referer = $_SERVER['HTTP_REFERER'];
$referer_parse = parse_url($referer);

if($referer_parse['host'] == "example.com" || $referer_parse['host'] == "www.example.com") {
     // Page content will display
} else {
     header("Location: http://www.example.com/redirected-page");
     exit();
}
?>

You will need to replace “example.com” and “www.example.com” with your website (assuming you only want to permit links from your own website). Otherwise add the hostnames of websites from which you will accept referrer traffic.

You will then need to replace “http://www.example.com/redirected-page” with the URL of a page that you wish to redirect people to if they enter the page’s URL directly, or access the page from an ‘unapproved’ link.

Now, if people try to access the page directly or via an external link, they will instantly be redirected to another page.

   

Comments

3 responses to “Use PHP to ensure a page can only be accessed via a specific URL”

On 2 July 2012, Philip wrote: Hyperlink chain icon

Thanks Adam, I was looking for some PHP redirect code to allow only internal links to access a wholesale pricing page on an eCommerce website and this was the code I was looking for!

Reply

On 27 March 2014, Steve wrote: Hyperlink chain icon

I don’t see the php code here, where can I find it?

Reply

On 1 April 2014, Adam Dimech wrote: Hyperlink chain icon

Sorry Steve, there was a rendering problem that I’d not identified from the website upgrade. All is fixed now and you should be able to see the code.

Reply

Have Your Say

The following HTML is permitted:
<a href="" title=""> <b> <blockquote cite=""> <code> <em> <i> <q cite=""> <strike> <strong>

Comments will be published subject to the Editorial Policy.